Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02 Ran by Radek (administrator) on DESKTOP-1OFQNBO (Micro-Star International Co., Ltd. MS-7B61) (10-02-2020 17:15:48) Running from C:\Users\dodom\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads Loaded Profiles: Radek (Available Profiles: Radek) Platform: Windows 10 Home Version 1909 18363.592 (X64) Language: Angielski (Zjednoczone Królestwo) Default browser: Edge Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Discord Inc. -> Discord Inc.) C:\Users\dodom\AppData\Local\Discord\app-0.0.305\Discord.exe (Discord Inc. -> Discord Inc.) C:\Users\dodom\AppData\Local\Discord\app-0.0.305\Discord.exe (Discord Inc. -> Discord Inc.) C:\Users\dodom\AppData\Local\Discord\app-0.0.305\Discord.exe (Discord Inc. -> Discord Inc.) C:\Users\dodom\AppData\Local\Discord\app-0.0.305\Discord.exe (Discord Inc. -> Discord Inc.) C:\Users\dodom\AppData\Local\Discord\app-0.0.305\Discord.exe (Discord Inc. -> Discord Inc.) C:\Users\dodom\AppData\Local\Discord\app-0.0.305\Discord.exe (Discord Inc. -> Discord Inc.) C:\Users\dodom\AppData\Local\Discord\app-0.0.305\Discord.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe (Intel(R) Corporation -> Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) INTELND1617S2 -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe (McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe (McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe (McAfee, LLC -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (McAfee, LLC -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (McAfee, LLC. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_19_9\mcapexe.exe (McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\CSP\3.3.122.0\McCSPServiceHost.exe (McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe (McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe (McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe (McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (McAfee, LLC. -> McAfee, LLC.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe (McAfee, LLC. -> McAfee, LLC.) C:\Program Files\McAfee\MQS\QcShm.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.23001.0_x64__8wekyb3d8bbwe\GamingServices.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.23001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GetHelp_10.1909.22691.0_x64__8wekyb3d8bbwe\GetHelp.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12001.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBar.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBarFT.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegister.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegisterService.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Valve -> ) D:\Program Files\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-10-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [1262544 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36098448 2020-02-07] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\dodom\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\dodom\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\RunOnce: [Uninstall 19.222.1110.0006\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\dodom\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64" HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\RunOnce: [Uninstall 19.222.1110.0006] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\dodom\AppData\Local\Microsoft\OneDrive\19.222.1110.0006" HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\MountPoints2: {214b13e1-382e-11e9-ae18-309c23856d1d} - "E:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\MountPoints2: {9df18f1c-4a68-11ea-ae5a-309c23856d1d} - "E:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\MountPoints2: {cd414fe0-3a22-11ea-ae52-309c23856d1d} - "E:\setup.exe" HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\MountPoints2: {cd416e57-3a22-11ea-ae52-309c23856d1d} - "F:\setup.exe" HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\...\MountPoints2: {cd416e5f-3a22-11ea-ae52-309c23856d1d} - "H:\setup.exe" HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3508464 2019-11-19] (Razer USA Ltd. -> Razer Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-23] (Google LLC -> Google LLC) Startup: C:\Users\dodom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-08-14] ShortcutTarget: MEGAsync.lnk -> C:\Users\dodom\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited) Startup: C:\Users\dodom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-08-14] ShortcutTarget: Twitch.lnk -> C:\Users\dodom\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.) ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0280C93D-7124-4790-A9B4-370DE4688A5B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-02-07] (Microsoft Corporation -> Microsoft Corporation) Task: {04701905-A9F1-43BF-80AB-8AF6F968286D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-21] (Adobe Inc. -> Adobe) Task: {0B6955B3-A334-4852-A467-4528CD5AA0B7} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1040832 2019-11-14] (McAfee, LLC. -> McAfee, LLC.) Task: {14262ACB-218D-485D-B372-1E26D81CB428} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_Plugin.exe [1458232 2020-01-21] (Adobe Inc. -> Adobe) Task: {146B0F62-13FF-44C8-9204-16767973AE78} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.4.122\DADUpdater.exe [4144776 2020-01-26] (McAfee, Inc. -> McAfee, LLC.) Task: {1AC08E94-BE7D-4B71-9FA4-6D14BCED42C4} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {227A1E8D-CBBF-4EED-B506-306F13B33287} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2C475437-ECA9-4216-800F-209E5ED5CC7B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-06] (Google Inc -> Google Inc.) Task: {47A19A6B-8B9B-4505-AD47-C3BA9D99C1F3} - System32\Tasks\MSI_Toast_Server => C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe [30648 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) Task: {4AC59D4E-9BC6-40D8-9B7C-00F03B75F510} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-02-07] (Microsoft Corporation -> Microsoft Corporation) Task: {4BEF8EF1-DAAD-4D93-AAC7-F85E5B5A6907} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018192 2020-02-07] (Microsoft Corporation -> Microsoft Corporation) Task: {4BFA0CD3-A227-4D34-8F95-3C94EB224DC5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {53E4B5B6-1378-4983-A164-D2B070D10334} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018192 2020-02-07] (Microsoft Corporation -> Microsoft Corporation) Task: {5E77A0E6-60AE-44E7-9660-09D668BA8B89} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {695A19BC-DF79-42DC-8AE8-82594A0F2D86} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {8482E23C-886F-422B-A0EB-63115E168250} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {974DE117-305D-4DA7-8231-30C6746B71BA} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1040832 2019-11-14] (McAfee, LLC. -> McAfee, LLC.) Task: {97E7748D-1BF5-456E-9442-CB8A7D9BD15A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-06] (Google Inc -> Google Inc.) Task: {9ACED830-28E2-434D-BF93-54DE39F6A762} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A5E34DFA-C586-433B-88DB-3479281E36F8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24607520 2020-01-28] (Microsoft Corporation -> Microsoft Corporation) Task: {B17C8DD7-2C54-4062-ACE8-0874BD415E9D} - System32\Tasks\Opera scheduled Autoupdate 1531060628 => C:\Users\dodom\AppData\Local\Programs\Opera\launcher.exe Task: {B4E48EC2-9287-4150-A8C7-297518303EA2} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4548368 2019-12-04] (McAfee, LLC -> McAfee, LLC.) Task: {BEDD53C0-CA62-4C9A-91DD-CAE48F79A96A} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.9.577\mcdatrep.exe [1826656 2019-12-12] (McAfee, Inc. -> McAfee, LLC.) Task: {C65F0863-9BD5-46D1-8A2F-7C08E8338D38} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C6ABFE34-5D9B-4C84-B762-24BC06668650} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C89DC5C5-5F1C-4C59-B865-FEF4DA56F3F0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {CAB4E58F-AC02-4845-B57D-5751D0FEA0E0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24607520 2020-01-28] (Microsoft Corporation -> Microsoft Corporation) Task: {DAAF30A3-8FDA-4CE6-950E-4F88EA5118C3} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [759752 2019-08-14] (McAfee, LLC. -> McAfee, LLC.) Task: {F8D6478B-E975-4BC7-B806-F74D5D3EA6F4} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{6736ddd7-f3fd-4c46-a688-8e1ae9394206}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2819741429-3857410540-1034053556-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-02-05] (McAfee, LLC -> McAfee, Inc.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-11-15] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-02-05] (McAfee, LLC -> McAfee, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-15] (Oracle America, Inc. -> Oracle Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-07] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-07] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-07] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-07] (Microsoft Corporation -> Microsoft Corporation) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2019-12-03] (McAfee, LLC. -> McAfee, LLC.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2019-12-03] (McAfee, LLC. -> McAfee, LLC.) Edge: ====== DownloadDir: C:\Users\dodom\Downloads Edge Notifications: HKU\S-1-5-21-2819741429-3857410540-1034053556-1002 -> hxxps://poczta.onet.pl; hxxps://www.facebook.com FireFox: ======== FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-02-05] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_321.dll [2020-01-21] (Adobe Inc. -> ) FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2019-12-03] (McAfee, LLC. -> ) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_321.dll [2020-01-21] (Adobe Inc. -> ) FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-11-15] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-11-15] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2019-12-03] (McAfee, LLC. -> ) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\dodom\AppData\Local\Google\Chrome\User Data\Default [2020-02-05] CHR DefaultSearchURL: Default -> hxxps://uk.search.yahoo.com/search?fr=mcafee&type=E211GB550G0&p={searchTerms} CHR DefaultSearchKeyword: Default -> mcafee CHR DefaultSuggestURL: Default -> hxxps://uk.search.yahoo.com/sugg/gossip/gossip-uk-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms} CHR Extension: (Prezentacje) - C:\Users\dodom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-06] CHR Extension: (Dokumenty) - C:\Users\dodom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-06] CHR Extension: (Dysk Google) - C:\Users\dodom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-06] CHR Extension: (YouTube) - C:\Users\dodom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-06] CHR Extension: (Arkusze) - C:\Users\dodom\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-06] CHR Extension: (McAfee® WebAdvisor) - C:\Users\dodom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-12-20] CHR Extension: (Dokumenty Google offline) - C:\Users\dodom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-17] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\dodom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05] CHR Extension: (Gmail) - C:\Users\dodom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-25] CHR Extension: (Chrome Media Router) - C:\Users\dodom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-20] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AESMService; C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe [3772120 2017-02-26] (Intel(R) Corporation -> Intel Corporation) R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [551808 2017-05-16] (Advanced Micro Devices, Inc. -> AMD) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-11-20] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129712 2020-01-28] (Microsoft Corporation -> Microsoft Corporation) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-01-18] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-12-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R2 GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.23001.0_x64__8wekyb3d8bbwe\GamingServices.exe [21432 2020-01-31] (Microsoft Corporation -> Microsoft Corporation) R2 GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.23001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [21432 2020-01-31] (Microsoft Corporation -> Microsoft Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation) S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-09-25] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [915832 2020-02-05] (McAfee, LLC -> McAfee, Inc.) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_19_9\McApExe.exe [748040 2019-11-20] (McAfee, LLC. -> McAfee, LLC) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.3.122.0\\McCSPServiceHost.exe [2685776 2019-10-31] (McAfee, LLC. -> McAfee, LLC.) S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [638536 2019-11-08] (McAfee, Inc. -> McAfee, LLC) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [638536 2019-11-08] (McAfee, Inc. -> McAfee, LLC) R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [638536 2019-11-08] (McAfee, Inc. -> McAfee, LLC) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1731616 2019-11-14] (McAfee, LLC -> McAfee, LLC.) S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [18534552 2019-07-29] (Mail.Ru LLC -> LLC Mail.Ru) R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [128976 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2466608 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3344176 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts) R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1366672 2019-11-19] (McAfee, LLC. -> McAfee, LLC.) R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [449664 2018-08-29] (Razer USA Ltd. -> Razer Inc.) R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [942720 2018-09-12] (Razer USA Ltd. -> Razer Inc.) R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-10-01] (Razer USA Ltd. -> Razer Inc) R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [287472 2019-11-19] (Razer USA Ltd. -> Razer Inc.) S3 Rockstar Service; D:\Program Files\Rockstar Games\Launcher\RockstarService.exe [471696 2019-09-12] (Rockstar Games, Inc. -> Rockstar Games) R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2019-10-28] (Razer USA Ltd. -> Razer Inc.) R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [290864 2019-12-04] (Razer USA Ltd. -> Razer Inc.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation) S2 amdacpusrsvc; "C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe" [X] R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) S3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) S3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) S3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111112 2017-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75912 2019-11-19] (McAfee, Inc. -> McAfee, LLC) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-01-18] (AVB Disc Soft, SIA -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-01-18] (AVB Disc Soft, SIA -> Disc Soft Ltd) R3 gameflt; C:\WINDOWS\System32\DriverStore\FileRepository\gameflt.inf_amd64_1b1c9965dc1c6f0f\gameflt.sys [71000 2020-01-30] (Microsoft Windows -> Microsoft Corporation) S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [217912 2019-06-04] (McAfee, LLC -> McAfee, Inc.) R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [522368 2019-11-19] (McAfee, Inc. -> McAfee, LLC) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [380544 2019-11-19] (McAfee, Inc. -> McAfee, LLC) S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85928 2019-11-19] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [517256 2019-11-19] (McAfee, Inc. -> McAfee, LLC) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [996488 2019-11-19] (McAfee, Inc. -> McAfee, LLC) R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [564144 2019-09-16] (McAfee, Inc. -> McAfee LLC.) S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107952 2019-09-16] (McAfee, Inc. -> McAfee LLC.) R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116872 2019-11-19] (McAfee, Inc. -> McAfee, LLC) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252552 2019-11-19] (McAfee, Inc. -> McAfee, LLC) S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [17770920 2019-07-29] (Mail.Ru LLC -> LLC Mail.Ru) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9e532b5f619dc909\nvlddmkm.sys [23276960 2020-01-31] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-08-22] (NVIDIA Corporation -> NVIDIA Corporation) R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [50240 2019-09-19] (Razer USA Ltd. -> Razer Inc) R3 RzDev_005c; C:\WINDOWS\System32\drivers\RzDev_005c.sys [51992 2019-10-10] (Razer USA Ltd. -> Razer Inc) R3 RzDev_0228; C:\WINDOWS\System32\drivers\RzDev_0228.sys [51592 2019-01-17] (Razer USA Ltd. -> Razer Inc) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation) R3 Xvdd; C:\WINDOWS\System32\DriverStore\FileRepository\xvdd.inf_amd64_3865f7cd0ca0fb7c\xvdd.sys [485720 2020-01-31] (Microsoft Windows -> Microsoft Corporation) S2 amdacpksd; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-02-09 19:47 - 2020-02-10 17:16 - 000000000 ___DC C:\FRST 2020-02-08 12:37 - 2020-02-08 12:37 - 000000000 __HDC C:\$SysReset 2020-02-08 10:27 - 2020-02-08 10:27 - 000000017 _____ C:\Users\dodom\AppData\Local\resmon.resmoncfg 2020-02-05 18:13 - 2020-01-31 00:04 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2020-02-05 18:13 - 2020-01-31 00:04 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo.exe 2020-02-05 18:13 - 2020-01-31 00:04 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2020-02-05 18:13 - 2020-01-31 00:04 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2020-02-05 18:13 - 2020-01-31 00:04 - 001078992 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2020-02-05 18:13 - 2020-01-31 00:04 - 001078992 _____ C:\WINDOWS\system32\vulkan-1.dll 2020-02-05 18:13 - 2020-01-31 00:04 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2020-02-05 18:13 - 2020-01-31 00:04 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2020-02-05 18:13 - 2020-01-31 00:03 - 011843504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2020-02-05 18:13 - 2020-01-31 00:03 - 010167544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2020-02-05 18:13 - 2020-01-31 00:02 - 017462616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2020-02-05 18:13 - 2020-01-31 00:02 - 005384584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2020-02-05 18:13 - 2020-01-31 00:02 - 004718792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2020-02-05 18:13 - 2020-01-31 00:02 - 002075904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2020-02-05 18:13 - 2020-01-31 00:02 - 001727320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444219.dll 2020-02-05 18:13 - 2020-01-31 00:02 - 001569160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2020-02-05 18:13 - 2020-01-31 00:02 - 001490688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444219.dll 2020-02-05 18:13 - 2020-01-31 00:02 - 001485688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2020-02-05 18:13 - 2020-01-31 00:02 - 001370360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2020-02-05 18:13 - 2020-01-31 00:02 - 001145776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2020-02-05 18:13 - 2020-01-31 00:02 - 001064384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2020-02-05 18:13 - 2020-01-31 00:02 - 000825720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2020-02-05 18:13 - 2020-01-31 00:02 - 000815120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2020-02-05 18:13 - 2020-01-31 00:02 - 000685912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2020-02-05 18:13 - 2020-01-31 00:02 - 000677584 _____ C:\WINDOWS\system32\nvofapi64.dll 2020-02-05 18:13 - 2020-01-31 00:02 - 000660176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2020-02-05 18:13 - 2020-01-31 00:02 - 000557304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2020-02-05 18:13 - 2020-01-31 00:02 - 000545112 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2020-02-05 18:13 - 2020-01-31 00:01 - 040511408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2020-02-05 18:13 - 2020-01-31 00:01 - 035380120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2020-02-05 18:13 - 2020-01-31 00:01 - 015031808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2020-02-05 18:13 - 2020-01-30 05:20 - 000047272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2020-01-31 21:23 - 2020-01-31 21:23 - 000000953 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.14.lnk 2020-01-31 15:45 - 2020-01-31 15:45 - 000000000 ____D C:\WINDOWS\Panther 2020-01-30 21:18 - 2020-01-31 09:35 - 001336248 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2020-01-30 21:18 - 2020-01-31 09:34 - 000149432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2020-01-30 21:18 - 2020-01-31 09:34 - 000087992 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll 2020-01-30 21:18 - 2020-01-31 09:34 - 000052152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll 2020-01-30 21:18 - 2020-01-31 09:34 - 000031672 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe 2020-01-27 15:26 - 2020-01-27 15:26 - 000000000 ____D C:\Users\dodom\AppData\Roaming\Valve Corporation 2020-01-23 17:12 - 2020-02-09 15:23 - 000000000 ____D C:\Users\dodom\AppData\Roaming\launcher-main 2020-01-23 17:12 - 2020-01-23 17:12 - 000000000 ____D C:\Users\dodom\AppData\Roaming\Paradox Launcher 2020-01-23 17:12 - 2020-01-23 17:12 - 000000000 ____D C:\Users\dodom\AppData\Roaming\Paradox Interactive 2020-01-23 17:12 - 2020-01-23 17:12 - 000000000 ____D C:\Users\dodom\AppData\Local\Paradox Interactive 2020-01-20 15:53 - 2020-01-20 15:53 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-20 15:53 - 2020-01-20 15:53 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-20 15:53 - 2020-01-20 15:53 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-20 15:53 - 2020-01-20 15:53 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-19 12:20 - 2020-01-23 17:17 - 000000000 ____D C:\Users\dodom\AppData\Roaming\GameSparks 2020-01-19 09:51 - 2020-01-19 10:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games 2020-01-19 09:51 - 2020-01-19 09:51 - 000000000 ___DC C:\Users\dodom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games 2020-01-18 22:43 - 2020-01-18 22:43 - 000000000 ___DC C:\Users\Public\Documents\Daemon Tools Images 2020-01-18 22:43 - 2020-01-18 22:43 - 000000000 ___DC C:\ProgramData\Documents\Daemon Tools Images 2020-01-18 22:41 - 2020-01-18 22:43 - 000000000 ____D C:\Users\dodom\AppData\Local\Disc_Soft_Ltd 2020-01-18 20:39 - 2020-01-31 21:17 - 000000000 ____D C:\Users\dodom\AppData\Roaming\DAEMON Tools Lite 2020-01-18 20:39 - 2020-01-18 20:39 - 000059360 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys 2020-01-18 20:39 - 2020-01-18 20:39 - 000042256 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys 2020-01-18 20:39 - 2020-01-18 20:39 - 000000000 ___DC C:\Users\Public\Documents\Catch! 2020-01-18 20:39 - 2020-01-18 20:39 - 000000000 ___DC C:\ProgramData\Documents\Catch! 2020-01-18 20:39 - 2020-01-18 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite 2020-01-18 20:39 - 2020-01-18 20:39 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite 2020-01-18 20:39 - 2020-01-18 20:39 - 000000000 ____D C:\Program Files\DAEMON Tools Lite 2020-01-18 19:51 - 2020-01-29 12:33 - 000000000 ____D C:\Users\dodom\opera autoupdate 2020-01-18 19:42 - 2020-01-22 14:37 - 000000000 ____D C:\Users\dodom\AppData\Local\BitTorrentHelper 2020-01-18 17:08 - 2020-01-22 15:45 - 000000000 ____D C:\Users\dodom\AppData\Roaming\uTorrent Web 2020-01-18 17:08 - 2020-01-18 19:42 - 000001872 ____C C:\Users\dodom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk 2020-01-18 16:12 - 2020-02-04 10:08 - 000001437 ____C C:\Users\dodom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\stellaris.lnk 2020-01-18 14:21 - 2020-01-18 14:21 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll 2020-01-18 14:21 - 2020-01-18 14:21 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll 2020-01-18 14:20 - 2020-01-18 14:21 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2020-01-18 14:20 - 2020-01-18 14:20 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2020-01-18 14:20 - 2020-01-18 14:20 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2020-01-18 14:20 - 2020-01-18 14:20 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2020-01-18 14:20 - 2020-01-18 14:20 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2020-01-18 14:20 - 2020-01-18 14:20 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2020-01-18 14:20 - 2020-01-18 14:20 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2020-01-18 14:20 - 2020-01-18 14:20 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2020-01-18 14:20 - 2020-01-18 14:20 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2020-01-18 14:20 - 2020-01-18 14:20 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2020-01-18 14:20 - 2020-01-18 14:20 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2020-01-18 14:20 - 2020-01-18 14:20 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2020-01-18 14:20 - 2020-01-18 14:20 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2020-01-18 14:20 - 2020-01-18 14:20 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe 2020-01-18 14:20 - 2020-01-18 14:20 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe 2020-01-18 14:20 - 2020-01-18 14:20 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2020-01-18 14:20 - 2020-01-18 14:20 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2020-01-18 14:20 - 2020-01-18 14:20 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WSDScan.sys 2020-01-18 14:20 - 2020-01-18 14:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll 2020-01-18 14:20 - 2020-01-18 14:20 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll 2020-01-18 14:17 - 2020-01-18 14:17 - 000492544 ____C (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2020-01-18 14:17 - 2020-01-18 14:17 - 000390656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2020-01-18 08:57 - 2020-01-31 10:04 - 000000000 ____D C:\Users\dodom\Documents\Paradox Interactive ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-02-10 17:16 - 2018-07-06 00:03 - 000000000 ___DC C:\Users\dodom\AppData\Local\NVIDIA Corporation 2020-02-10 17:16 - 2018-07-05 02:25 - 000000000 ___DC C:\ProgramData\NVIDIA 2020-02-10 17:10 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-02-10 16:58 - 2019-08-14 13:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee 2020-02-10 16:56 - 2019-08-14 13:01 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2819741429-3857410540-1034053556-1002 2020-02-10 16:56 - 2019-08-14 12:57 - 000002418 ____C C:\Users\dodom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-02-10 16:56 - 2018-07-06 00:13 - 000000000 ___DC C:\Program Files (x86)\Steam 2020-02-10 16:56 - 2018-07-06 00:04 - 000000000 __RDC C:\Users\dodom\OneDrive 2020-02-10 16:55 - 2019-08-14 13:01 - 000004226 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{A9D763B8-2186-4EB6-8D1E-2B0E0B23873C} 2020-02-09 20:50 - 2019-08-14 12:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-02-09 19:47 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF 2020-02-09 12:21 - 2018-08-28 16:07 - 000000000 ___DC C:\Users\dodom\AppData\Roaming\discord 2020-02-08 17:58 - 2018-07-06 00:20 - 000000000 ___DC C:\Users\dodom\AppData\Local\PlaceholderTileLogoFolder 2020-02-08 14:09 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF 2020-02-08 14:07 - 2019-08-14 14:43 - 000787972 _____ C:\WINDOWS\system32\perfh015.dat 2020-02-08 14:07 - 2019-08-14 14:43 - 000153812 _____ C:\WINDOWS\system32\perfc015.dat 2020-02-08 14:07 - 2019-08-14 13:04 - 001773514 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-02-08 14:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-02-08 12:49 - 2019-05-08 18:32 - 000000000 ___DC C:\Users\dodom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Games 2020-02-08 12:49 - 2018-07-06 17:07 - 000000000 ___DC C:\Users\dodom\AppData\Local\CrashDumps 2020-02-08 12:46 - 2019-11-19 19:28 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2020-02-08 12:46 - 2019-08-14 13:01 - 000000006 ___HC C:\WINDOWS\Tasks\SA.DAT 2020-02-08 12:46 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2020-02-08 12:30 - 2018-07-06 00:32 - 000002314 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-02-08 12:24 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-02-07 19:59 - 2020-01-07 19:11 - 000000000 ____D C:\Users\dodom\AppData\Local\WallpaperSuite 2020-02-07 19:35 - 2018-07-06 20:07 - 000000000 ___DC C:\Users\dodom\AppData\Local\ElevatedDiagnostics 2020-02-07 12:36 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2020-02-07 12:36 - 2019-03-06 20:53 - 000000000 ___DC C:\Program Files\Microsoft Office 2020-02-07 12:35 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2020-02-05 18:38 - 2019-03-04 14:36 - 000000000 ___DC C:\Program Files (x86)\McAfee 2020-02-05 18:17 - 2018-07-08 15:32 - 000000000 ___DC C:\Program Files\McAfee 2020-02-05 18:14 - 2018-07-30 19:01 - 000000000 ___DC C:\temp 2020-02-05 18:14 - 2018-07-07 15:54 - 000000000 ___DC C:\Users\dodom\AppData\Local\NVIDIA 2020-02-05 18:14 - 2018-07-05 02:24 - 000000000 ___DC C:\ProgramData\NVIDIA Corporation 2020-02-05 18:14 - 2018-07-05 02:06 - 000000000 ___DC C:\Program Files\NVIDIA Corporation 2020-02-05 17:55 - 2018-07-09 11:19 - 000000000 ___DC C:\Users\dodom\AppData\Local\D3DSCache 2020-02-05 15:29 - 2019-08-14 13:01 - 000003570 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2020-02-05 15:29 - 2019-08-14 13:01 - 000003446 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2020-02-04 10:09 - 2019-10-18 14:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2020-02-04 10:08 - 2019-03-28 20:26 - 000000896 ____C C:\Users\dodom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prison Architect.lnk 2020-02-03 17:27 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps 2020-02-03 16:03 - 2020-01-03 20:34 - 000000000 ____D C:\Users\dodom\Documents\My Games 2020-02-01 12:26 - 2018-07-08 15:27 - 000000000 ___DC C:\Program Files\WinRAR 2020-02-01 12:21 - 2019-12-30 13:27 - 000000000 ____D C:\ProgramData\TruckersMP 2020-01-31 21:18 - 2018-07-08 15:27 - 000000000 ___DC C:\Users\dodom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2020-01-31 21:18 - 2018-07-08 15:27 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2020-01-31 21:17 - 2019-11-19 19:28 - 000000000 ____D C:\Users\dodom\AppData\Roaming\TeamViewer 2020-01-31 10:03 - 2018-07-09 11:23 - 000000000 ___DC C:\ProgramData\Packages 2020-01-31 10:03 - 2018-07-06 00:03 - 000000000 ___DC C:\Users\dodom\AppData\Local\Packages 2020-01-30 23:58 - 2019-04-16 11:27 - 004963008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2020-01-30 23:58 - 2019-04-16 11:27 - 004230752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2020-01-30 22:38 - 2018-07-06 00:25 - 000000000 ___DC C:\Users\dodom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2020-01-30 05:20 - 2019-04-16 11:27 - 001683032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll 2020-01-30 05:20 - 2019-04-16 11:27 - 000228792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2020-01-30 02:40 - 2019-04-16 11:27 - 000055783 _____ C:\WINDOWS\system32\nvinfo.pb 2020-01-30 00:56 - 2018-07-05 02:25 - 005577224 ____C (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2020-01-30 00:56 - 2018-07-05 02:25 - 002655864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2020-01-30 00:56 - 2018-07-05 02:25 - 001767920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2020-01-30 00:56 - 2018-07-05 02:25 - 000670840 ____C (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2020-01-30 00:56 - 2018-07-05 02:25 - 000454512 ____C (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2020-01-30 00:56 - 2018-07-05 02:25 - 000131176 ____C (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2020-01-30 00:56 - 2018-07-05 02:25 - 000083976 ____C (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2020-01-29 15:09 - 2018-12-23 15:59 - 000000000 __HDC C:\Program Files\Common Files\EAInstaller 2020-01-29 15:03 - 2018-07-06 00:03 - 000000000 ___DC C:\Users\dodom\AppData\Local\ConnectedDevicesPlatform 2020-01-27 08:11 - 2018-07-05 02:25 - 008887562 ____C C:\WINDOWS\system32\nvcoproc.bin 2020-01-23 14:28 - 2018-07-05 02:25 - 000001951 ____C C:\WINDOWS\NvContainerRecovery.bat 2020-01-21 15:07 - 2019-10-05 18:04 - 000004646 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier 2020-01-21 15:07 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2020-01-21 15:07 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed 2020-01-20 15:53 - 2019-08-14 13:01 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-20 15:53 - 2019-08-14 13:01 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-20 15:53 - 2019-08-14 13:01 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-20 15:53 - 2019-08-14 13:01 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-20 15:53 - 2019-08-14 13:01 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-20 15:53 - 2019-08-14 13:01 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-20 15:53 - 2018-07-05 02:25 - 000000000 ___DC C:\Program Files (x86)\NVIDIA Corporation 2020-01-20 15:52 - 2019-08-14 12:57 - 000000000 ____D C:\Users\dodom 2020-01-20 15:26 - 2019-11-19 19:28 - 000000000 ____D C:\Users\dodom\AppData\Local\TeamViewer 2020-01-19 09:51 - 2019-10-19 17:24 - 000000000 ____D C:\Users\dodom\AppData\Local\Riot Games 2020-01-18 19:42 - 2019-08-14 12:53 - 000445632 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-01-18 19:41 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP 2020-01-18 19:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources 2020-01-18 19:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences 2020-01-18 19:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr 2020-01-18 17:07 - 2018-08-11 09:43 - 000000000 ___DC C:\Users\dodom\AppData\Local\Ubisoft Game Launcher 2020-01-18 14:24 - 2018-07-07 11:41 - 000000000 ___DC C:\WINDOWS\system32\MRT 2020-01-18 14:22 - 2018-07-07 11:41 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2020-01-17 22:19 - 2018-12-23 13:32 - 000000000 ___DC C:\Program Files (x86)\Origin Games 2020-01-17 22:13 - 2019-08-23 18:11 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy 2020-01-17 22:13 - 2019-08-23 18:07 - 000000000 ____D C:\ProgramData\GOG.com 2020-01-15 21:27 - 2020-01-03 17:21 - 000000000 ____D C:\Users\dodom\Documents\Euro Truck Simulator 2 2020-01-12 13:55 - 2018-07-06 19:54 - 000000000 ___DC C:\Users\dodom\AppData\Roaming\TS3Client ==================== Files in the root of some directories ======== 2020-02-08 10:27 - 2020-02-08 10:27 - 000000017 _____ () C:\Users\dodom\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================